Month: January 2023

Qualcomm Snapdragon products code execution | CVE-2022-33274

January 7, 2023

NAME__________Qualcomm Snapdragon products code executionPlatforms Affected:Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Snapdragon products could allow a local attacker to execute arbitrary code...

Qualcomm Snapdragon products code execution | CVE-2022-33218

January 7, 2023

NAME__________Qualcomm Snapdragon products code executionPlatforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Qualcomm Snapdragon products could allow a local authenticated attacker to execute arbitrary...

Qualcomm Snapdragon products code execution | CVE-2022-33300

January 7, 2023

Qualcomm Snapdragon products information disclosure | CVE-2022-33255

January 7, 2023

NAME__________Qualcomm Snapdragon products information disclosurePlatforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Qualcomm Snapdragon products could allow a remote attacker to obtain sensitive information,...

Daily Vulnerability Trends: Sat Jan 07 2023

January 7, 2023

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-46164NodeBB is an open source Node.js based forum software. Due to a...

Malware Analysis – amadey – ab1584a0064fc4a6132e8ae530bf2a27

January 7, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: ab1584a0064fc4a6132e8ae530bf2a27SHA1: bcee66986d10f96543ccd86f7263b5f57d675d5eANALYSIS DATE:...

Malware Analysis – djvu – cafe995643719a184332620ddfd425b3

January 7, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: cafe995643719a184332620ddfd425b3SHA1: 5a51463584ce93b09e7227f4b0135b191a268bdcANALYSIS DATE: 2023-01-07T04:13:06ZTTPS: T1005, T1081, T1012, T1060,...

Malware Analysis – djvu – 409c1dfc671e23c5db46a54c8bc89718

January 7, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 409c1dfc671e23c5db46a54c8bc89718SHA1: 3fb3c48f09d3175fe70e5411e457e0e937541a47ANALYSIS DATE: 2023-01-07T03:53:30ZTTPS: T1005, T1081, T1012, T1222,...

Malware Analysis – amadey – 88d01b2f752a46708b106c66946917a8

January 7, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 88d01b2f752a46708b106c66946917a8SHA1: 108306ea32939fb9cc950e28e941bfb65ff5c4c3ANALYSIS DATE: 2023-01-07T05:04:52ZTTPS: T1082,...

Malware Analysis – amadey – 11a7e34ac7eab95249626be889097378

January 7, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 11a7e34ac7eab95249626be889097378SHA1: 7c1799df6324d3f7c086dbd0810e176d7aa24644ANALYSIS DATE:...

Malware Analysis – djvu – 1dba6d82e5bfaf48d6648ffb5251c812

January 7, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 1dba6d82e5bfaf48d6648ffb5251c812SHA1: 850e12cb91891996bf5bd30e26a2001cf11f080fANALYSIS DATE: 2023-01-07T05:00:33ZTTPS: T1060, T1112, T1082, T1012,...

Malware Analysis – amadey – eea2a8fb45dd969242c2bcfb9f612e48

January 7, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: eea2a8fb45dd969242c2bcfb9f612e48SHA1: 9059fda6374dd9cea212ef65fb510003a9d4f9daANALYSIS DATE:...

SlideTeam – 1,464,271 breached accounts

January 7, 2023

HIBP In April 2021, the "world’s largest collection of pre-designed presentation slides" SlideTeam had 1.4M records breached and later published...

Vice Society Ransomware Victim: LetMeRepair

January 7, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Vice Society Ransomware Victim: Bay Area Rapid Transit

January 7, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Vice Society Ransomware Victim: City Lit

January 7, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Vice Society Ransomware Victim: Park View

January 7, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Cobalt Stike Beacon Detected – 107[.]174[.]247[.]46:80

January 7, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 38[.]242[.]241[.]231:443

January 7, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]43[.]188[.]175:8443

January 7, 2023

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – 7873a6083d3990821cd66ad9a5aceebe

January 7, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 7873a6083d3990821cd66ad9a5aceebeSHA1: e0d03bb5c7674dc492687e66975edb397ff0b3c9ANALYSIS DATE: 2023-01-06T21:16:22ZTTPS:...

Malware Analysis – djvu – b0f0b79c2b04c118ef4f6629e88cd2bc

January 7, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: b0f0b79c2b04c118ef4f6629e88cd2bcSHA1: e88aec0e4d70cce8ae9ac6ed07191f24eb03afeaANALYSIS DATE: 2023-01-06T21:16:19ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – evasion – 4c0e7f72921c21ebb2d67d58d92e92fb

January 7, 2023

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 4c0e7f72921c21ebb2d67d58d92e92fbSHA1: 9b8a9d56ae0961825e7e5e8e0363c72297954009ANALYSIS DATE: 2023-01-06T22:25:33ZTTPS: T1031, T1562, T1489, T1060, T1112, T1107, T1490, T1012, T1120,...

Malware Analysis – djvu – ee56af504d8d398200f6b80870499502

January 7, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ee56af504d8d398200f6b80870499502SHA1: 268e292df2627e4263cf9de0debb5d3136e8057aANALYSIS DATE: 2023-01-06T21:41:36ZTTPS: T1053, T1005, T1081, T1012,...

Month: January 2023

Qualcomm Snapdragon products code execution | CVE-2022-33274

Qualcomm Snapdragon products code execution | CVE-2022-33218

Qualcomm Snapdragon products code execution | CVE-2022-33300

Qualcomm Snapdragon products information disclosure | CVE-2022-33255

Daily Vulnerability Trends: Sat Jan 07 2023

Malware Analysis – amadey – ab1584a0064fc4a6132e8ae530bf2a27

Malware Analysis – djvu – cafe995643719a184332620ddfd425b3

Malware Analysis – djvu – 409c1dfc671e23c5db46a54c8bc89718

Malware Analysis – amadey – 88d01b2f752a46708b106c66946917a8

Malware Analysis – amadey – 11a7e34ac7eab95249626be889097378

Malware Analysis – djvu – 1dba6d82e5bfaf48d6648ffb5251c812

Malware Analysis – amadey – eea2a8fb45dd969242c2bcfb9f612e48

SlideTeam – 1,464,271 breached accounts

Vice Society Ransomware Victim: LetMeRepair

Vice Society Ransomware Victim: Bay Area Rapid Transit

Vice Society Ransomware Victim: City Lit

Vice Society Ransomware Victim: Park View

Cobalt Stike Beacon Detected – 107[.]174[.]247[.]46:80

Cobalt Stike Beacon Detected – 38[.]242[.]241[.]231:443

Cobalt Stike Beacon Detected – 101[.]43[.]188[.]175:8443

Malware Analysis – djvu – 7873a6083d3990821cd66ad9a5aceebe

Malware Analysis – djvu – b0f0b79c2b04c118ef4f6629e88cd2bc

Malware Analysis – evasion – 4c0e7f72921c21ebb2d67d58d92e92fb

Malware Analysis – djvu – ee56af504d8d398200f6b80870499502

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

[RANSOMHUB] – Ransomware Victim: blr[.]com

HackerOne Bug Bounty Disclosure: std-process-command-batch-files-argument-escaping-could-be-bypassed-with-trailing-whitespace-or-periods–xpl-r-r

[LOCKBIT3] – Ransomware Victim: madison-home[.]com

[CHORT] – Ransomware Victim: sheboyganwi[.]gov

You may have missed